package com.li.controller;

import com.li.model.MyMassage;
import com.li.model.User;
import com.li.service.UserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.http.ResponseEntity;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
@Api(tags = "用户登录注册退出")
@RestController
public class UserLoginController {
    @Autowired
    private UserService userService;
    @ApiOperation("用户登录")
    @PostMapping("/login")
    public ResponseEntity<MyMassage> login(String username, String password,int rememberMe){
        //获取当前用户
        Subject subject = SecurityUtils.getSubject();
        //封装用户数据
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);
        if (rememberMe == 1){
            //记住我
            token.setRememberMe(true);
        }
        try{
            System.out.println("登录用户"+token);
            subject.login(token);

            return ResponseEntity.ok(new MyMassage("登录成功",null,200));
        }catch (UnknownAccountException e){
            return ResponseEntity.ok(new MyMassage("用户名错误",null,400));
        }catch (IncorrectCredentialsException e){
            return ResponseEntity.ok(new MyMassage("密码错误",null,400));
        }

    }
    //退出登录
    @ApiOperation("退出登录")
    @GetMapping("/logout")
    public  ResponseEntity<MyMassage> logout(){
        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession();
        session.removeAttribute("USER_SESSION");
        System.out.println("用户退出");
        return ResponseEntity.ok(new MyMassage("退出成功",null,200));
    }
    @ApiOperation("用户注册")
    @PostMapping("/register")
    public ResponseEntity<MyMassage> reg(@RequestBody @Valid User user){
        if (userService.queryUserByName(user.getUsername()).isPresent()){
            ResponseEntity.ok(new MyMassage("用户已存在",null,400));
        }
        userService.addUser(user);
        return ResponseEntity.ok(new MyMassage("注册成功",user,200));
    }
    @ApiOperation("无权限访问(403)")
    @GetMapping("/unauthorized")
    public ResponseEntity<MyMassage> unauthorized(HttpServletResponse response){
        response.setStatus(403);
       return ResponseEntity.ok(new MyMassage("此用户无权限",null,403));
    }
    @ApiOperation("未登录(402)")
    @GetMapping("/toLogin")
    public ResponseEntity<MyMassage> unLogin(HttpServletResponse response){
        response.setStatus(402);
        return ResponseEntity.ok(new MyMassage("此用户未登录",null,404));
    }
}
